Re: Disabling sslv2 on linux for port 636.

We need to use the LDAP service for Logins, so the daemon has to stay there
running.
It's just that sslv2 has to be disabled on port 636.

Appreciate all the help!

Thanks!
Rohit Khaladkar

On Tue, Jun 2, 2009 at 8:59 PM, mark <m.roth2006@xxxxxxx> wrote:

> Rohit khaladkar wrote:
> > Here they are :
> > [root@puiqtk01 conf]# lsof -i :636
> > COMMAND  PID USER   FD   TYPE DEVICE SIZE NODE NAME
> > slapd   3498 ldap    9u  IPv6  11266       TCP *:ldaps (LISTEN)
> > slapd   3498 ldap   10u  IPv4  11267       TCP *:ldaps (LISTEN)
> >
> Showing this has nothing at all to do with apache.
>
> Is this server an LDAP server, as well? Do you use it as one, or is it required
> for logins? If none of the above is true, then you need to shut down the LDAP
> daemon.
>
>        mark
> >
> > Thanks!
> > Rohit Khaladkar
> >
> > On Tue, Jun 2, 2009 at 8:32 PM, Harry Hoffman <hhoffman@xxxxxxxxxxxxxxxx> wrote:
> >
> >> Can you run (as root)
> >>
> >> lsof -i :636
> >>
> >> and paste the results?
> >>
> >> Cheers,
> >> Harry
> >>
> >>
> >> Rohit khaladkar wrote:
> >>
> >>> Thanks Nigel.
> >>> I am editing the /opt/ABC/CCR/Apache2/conf/ssl.conf file.
> >>>
> >>> On Tue, Jun 2, 2009 at 8:04 PM, Nigel Wade <nmw@xxxxxxxxxxxx> wrote:
> >>>
> >>>  Rohit khaladkar wrote:
> >>>>> Hi All, I want to disable ssl2 on a linux server for Port 636. Here is
> >>>>> the procedure that I followed:
> >>>>>
> >>>>> 1) Edited ssl.conf and added the following entries in it.
> >>>>>
> >>>>> SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
> >>>>> SSLProtocol -All +SSLv3 +TLSv1
> >>>>>
> >>>>> 2) Restarted Apache service.
> >>>>>
> >>>>> 3) Restarted network.
> >>>>>
> >>>>> I checked if ssl2 is disabled using the following command:
> >>>>>
> >>>>> openssl s_client -connect hostname:636 -ssl2
> >>>>>
> >>>>> where hostname = server name
> >>>>>
> >>>>> But it still shows me the certificate. I even tried rebooting the
> >>>>> machine, but no luck.
> >>>>>
> >>>>> Am I missing anything here?
> >>>>>
> >>>>>
> >>>> Port 636 is normally the ldaps port, i.e. SSL encrypted LDAP. Are you really
> >>>> listening on that port with Apache? Which ssl.conf did you edit, a full path
> >>>> would be rather more specific than just a filename?
> >>>>
> >>>> Maybe you want to replace 636 with 443 (https) as the openssl request port.
> >>>>
> >>>> --
> >>>> Nigel Wade, System Administrator, Space Plasma Physics Group,
> >>>>           University of Leicester, Leicester, LE1 7RH, UK
> >>>> E-mail :    nmw@xxxxxxxxxxxx
> >>>> Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
> >>>>
> >>>>
> >>>> --
> >>>> redhat-list mailing list
> >>>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >>>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>>
> >>>>
> >>>
> >>>
>



-- 
Thanks!
Rohit Khaladkar
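
Added example, not part of the original thread: the `openssl s_client -ssl2` check quoted above needs an OpenSSL build that still speaks SSLv2, which was removed in OpenSSL 1.1.0. The Python code below sends a raw SSLv2 CLIENT-HELLO to the LDAPS port and classifies the first reply, so the slapd listener on 636 can be re-tested after a configuration change; the function names, result strings and offered cipher list are this example's own choices.

```python
import os
import socket
import struct

# Seven SSLv2 cipher kinds (3 bytes each) offered by the probe.
SSLV2_CIPHERS = bytes.fromhex("010080 020080 030080 040080 050080 060040 0700c0")
MSG_ERROR, MSG_CLIENT_HELLO, MSG_SERVER_HELLO = 0, 1, 4


def build_client_hello(challenge=None):
    """Return an SSLv2 CLIENT-HELLO record using the 2-byte record header."""
    challenge = challenge or os.urandom(16)
    # msg type, version 0x0002, cipher-spec len, session-id len, challenge len
    body = struct.pack(">BHHHH", MSG_CLIENT_HELLO, 0x0002,
                       len(SSLV2_CIPHERS), 0, len(challenge))
    body += SSLV2_CIPHERS + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body


def classify_reply(data):
    """Classify the first bytes the server sends back after the probe."""
    if not data or data[0] == 0x15:      # closed, or SSLv3/TLS alert record
        return "refused"
    if len(data) < 3 or not data[0] & 0x80:
        return "unknown"
    if data[2] == MSG_ERROR:             # SSLv2 ERROR message
        return "refused"
    if (data[2] == MSG_SERVER_HELLO and len(data) >= 11
            and data[5:7] == b"\x00\x02"):
        # Bytes 9-10 hold the length of the server's cipher-spec list.
        cipher_len = struct.unpack(">H", data[9:11])[0]
        return "sslv2-accepted" if cipher_len else "sslv2-no-ciphers"
    return "unknown"


def probe(host, port=636, timeout=5.0):
    """Send the probe to host:port and return the classification string."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            return classify_reply(sock.recv(64))
        except ConnectionResetError:
            return "refused"
        except socket.timeout:
            return "unknown"
```

A result of `sslv2-no-ciphers` means the daemon still answers the SSLv2 hello but offers no SSLv2 ciphers, which is what a cipher-list exclusion alone produces; `refused` means the protocol itself is off.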